Windows Explorer Advanced File Search Filter Builder

Win Explorer Advanced File Search Filter Builder

Select filters; ext, content, author, title, image metadata, path, date, size, file types

Basic Rules

Operator	Example	Result
NOT	social NOT security	Finds items that contain social, but not security.
Space = AND	social security	Finds items that contain social and security. A space in the query is equivalent to an AND! For example, ext:jpg ext:png is an impossible combination! A file extension cannot be both ext:jpg AND ext:png.
OR	social OR security	Finds items that contain social or security.
Quotation marks	"social security"	Finds items that contain the exact phrase social security.

📎 File Extension & Content

🔍 File extension (ext:)

Manual: ext:jpg OR ext:png | Tags add cumulatively

png jpg pdf docx xlsx txt mp4 zip

Click tags to add OR combine

📄 Content search (content:"phrase")

Enable content search (auto-enabled when you type)

The proper way to search inside file contents for the exact phrase!

✍️ Author & Title Metadata

👤 Author (author:"name")

Enable author filter (auto-enabled when you type)

For multiple authors, author:"Name 1" OR author:"Name 2", edit manually

📌 Title (title:"document name")

Enable title filter (auto-enabled when you type)

For multiple titles, title:"Name 1" OR title:"Name 2", edit manually

🖼️ Image Metadata

📷 Camera Model (model:)

Enable model filter (auto-enabled when you type)

For multiple models, model:"Name 1" OR model:"Name 2", edit manually

📅 Date Taken (datetaken:)

Enable date taken (auto-enabled when selected)

Pick a date → checkbox auto-enables

📁 Path & Exclude Folder

📂 Limit to folder (path:)

Enable path filter (auto-enabled when you type)

🚫 Exclude folder (NOT path:)

Enable exclude folder (auto-enabled when you type)

💡 Type a path → checkbox enables automatically

📅 Date Modified & Size

📆 Date modified range

Enable date range (auto-enabled when date selected)

💡 Pick a start date → end date auto-fills

💾 Size range (KB / MB / GB)

KB MB GB

KB MB GB

Enable size range (auto-enabled when you type)

Type min or max value → size filter auto-enables | Supports KB, MB, GB

📋 🔍 Copy'n paste query into Windows Explorer

⚡ Un-click checkbox to remove filter. Builds Windows Explorer syntax with ext:, content:, author:, title:, model:, datetaken:, path:, NOT path:, datemodified:.., size:..

National Bank Email with subject Account Tax Records Maintenance Notification

For the record, this is a National Bank phishing email attempt that is recently going around, with subject Information about your online security and body "Account Tax Records Maintenance Notification"

What to do?  Report them, goto bottom of page. 

From: National Bank Direct Brokerage <noreply@tlnakf.com> Subject: Account Tax Records Maintenance Notification Account Tax Records Maintenance Notification   Dear Client, This notification is sent to inform you that your account tax records require maintenance in the form of a W-8BEN update. This process ensures that your tax classification and residency status are correctly reflected in our system. Your current record may have reached its scheduled review date or may not reflect your latest information. Under such circumstances, regulatory guidelines require us to request updated documentation. You may complete this update by accessing your account through our official, secured system at: Secure Account Maintenance Link After signing into your account, please locate the tax records or compliance section and follow the on-screen instructions to update your W-8BEN details. We do not collect or process tax data via email or direct messaging services. All updates must be completed through our secured platform.

Phishing Link

1. https://bnc-nbdb-coip.com/?token=xxxx

How to tell this is a Phishing email?

1. Check email address in full, if it's not from originating company then it's phishing.
2. Hover over all links in email, if it's not from the company's website then forget it.
3. The best way is to 

How to examine Email Message Source?

Now let's look at message source

1. Outlook.com->Actions->View Message Source. 
2. Gmail.com->More (down arrow to top right)->Show original.

Check for suspicious links, anything that does not originate from source domain, like apple.com.

Report Phishing Email (not as Spam)

1. Outlook.com->Junk (at Top)->Phishing Scam
2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing to Google

If you have received this email, take further action by

1. https://www.google.com/safebrowsing/report_phish/

Report phishing at Microsoft and government agencies

1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

WealthSimple Phishing Email with subject Required Renewal Due to Expiration of Your W-8BEN Form

For the record, this is a Wealthsimple phishing email attempt that is recently going around, with subject Information about your online security and body "Required Renewal Due to Expiration of Your W-8BEN Form"

What to do?  Report them, goto bottom of page. 

From: Wealthsimple <account@chkkwz.com> Subject: Required Renewal Due to Expiration of Your W-8BEN Form Required Renewal Due to Expiration of Your W-8BEN Form   Dear Client, This notice is provided to inform you that the W-8BEN form currently associated with  your account has expired and is no longer valid for tax or regulatory purposes. The W-8BEN plays a critical role in certifying non-U.S. tax residency and determining appropriate withholding and reporting obligations. When tax documentation expires, it no longer satisfies compliance requirements. In the absence of a renewed W-8BEN, default tax treatment may be applied in accordance with applicable regulations. This may affect payment processing, income distributions, or other account-related activities. To ensure your account remains properly documented and compliant, a renewed W-8BEN must be submitted. The renewal process allows you to reconfirm your tax residency information and provide an updated certification reflecting your current status. Please complete the renewal through the secure portal below: Renew Certification After logging in, follow the instructions in the tax documentation section to review your information and submit a new certification. Upon approval, the renewed form will replace the expired documentation currently on file. Submitting your renewal in a timely manner helps ensure uninterrupted account processing and continued regulatory compliance. Have questions or need help? Reach out to our team. Wealthsimple 400 – 80 Spadina Avenue Toronto, ON, M5V 2J4 Instagram | Facebook | Twitter | Instagram Privacy Policy •  View in browser Replies to this email address are not monitored. Have questions? Visit our Help Centre or submit a request to our Client Support team. Managed accounts are offered by Wealthsimple Inc., a registered portfolio manager in each province and territory of Canada. © 2025 Wealthsimple Technologies Inc.

Phishing Link

1. https://bcupcehvwrzr.com/?token=xxxxx

How to tell this is a Phishing email?

1. Check email address in full, if it's not from originating company then it's phishing.
2. Hover over all links in email, if it's not from the company's website then forget it.
3. The best way is to 

How to examine Email Message Source?

Now let's look at message source

1. Outlook.com->Actions->View Message Source. 
2. Gmail.com->More (down arrow to top right)->Show original.

Check for suspicious links, anything that does not originate from source domain, like apple.com.

Report Phishing Email (not as Spam)

1. Outlook.com->Junk (at Top)->Phishing Scam
2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing to Google

If you have received this email, take further action by

1. https://www.google.com/safebrowsing/report_phish/

Report phishing at Microsoft and government agencies

1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx